Deprecated - Security advisories for contributed projects

This forum is deprecated — view current Drupal contributed projects security advisories

SA-CONTRIB-2012-119 - Excluded Users - Cross Site Scripting (XSS)

By Drupal Security Team on 1 Aug 2012 at 13:54 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-119
Project: Excluded Users (third-party module)
Version: 6.x
Date: 2012-August-1
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-118 - Secure Login - Open Redirect

By Drupal Security Team on 25 Jul 2012 at 19:52 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-118
Project: Secure Login (third-party module)
Version: 7.x
Date: 2012-July-25
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Open Redirect

SA-CONTRIB-2012-117 - Location - Access Bypass

By Drupal Security Team on 25 Jul 2012 at 19:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-117
Project: Location (third-party module)
Version: 6.x, 7.x
Date: 2012-July-25
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2012-116 - Subuser - Cross Site Request Forgery (CSRF) and Access Bypass

By Drupal Security Team on 25 Jul 2012 at 19:42 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-116
Project: Subuser (third-party module)
Version: 6.x
Date: 2012-July-25
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass, Cross Site Request Forgery

SA-CONTRIB-2012-115 - Gallery formatter - Cross Site Scripting (XSS)

By Drupal Security Team on 25 Jul 2012 at 19:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2012-115
Project: Gallery formatter (third-party module)
Version: 7.x
Date: 2012-July-25
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2012-114 - Campaign Monitor - Cross Site Scripting (XSS)

By Drupal Security Team on 18 Jul 2012 at 15:25 UTC

Advisory ID: SA-CONTRIB-2012-114
Project: Campaign Monitor (third-party module)
Version: 6.x
Date: 2012-July-18
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS